US7743038B1 - Inode based policy identifiers in a filing system - Google Patents

Inode based policy identifiers in a filing system Download PDF

Info

Publication number
US7743038B1
US7743038B1 US11/212,304 US21230405A US7743038B1 US 7743038 B1 US7743038 B1 US 7743038B1 US 21230405 A US21230405 A US 21230405A US 7743038 B1 US7743038 B1 US 7743038B1
Authority
US
United States
Prior art keywords
policy
identifier
filing system
processor
inode
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Expired - Fee Related, expires
Application number
US11/212,304
Inventor
Jonathan Scott Goldick
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
ONSTAR Inc
Avago Technologies International Sales Pte Ltd
Original Assignee
LSI Corp
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Priority to US11/212,304 priority Critical patent/US7743038B1/en
Assigned to ONSTOR, INC. reassignment ONSTOR, INC. ASSIGNMENT OF ASSIGNORS INTEREST (SEE DOCUMENT FOR DETAILS). Assignors: GOLDICK, JONATHAN SCOTT
Application filed by LSI Corp filed Critical LSI Corp
Assigned to SILICON VALLEY BANK reassignment SILICON VALLEY BANK SECURITY AGREEMENT Assignors: ONSTOR, INC.
Assigned to Carr & Ferrell LLP reassignment Carr & Ferrell LLP LIEN (SEE DOCUMENT FOR DETAILS). Assignors: ONSTOR, INC.
Assigned to ONSTOR, INC reassignment ONSTOR, INC RELEASE OF SECURITY AGREEMENT (DE) Assignors: Carr & Ferrell LLP
Assigned to ONSTAR, INC. reassignment ONSTAR, INC. MERGER (SEE DOCUMENT FOR DETAILS). Assignors: NAS ACQUISITION CORPORATION
Assigned to ONSTOR, INC reassignment ONSTOR, INC RELEASE Assignors: SILICON VALLEY BANK
Assigned to ONSTOR, INC. reassignment ONSTOR, INC. MERGER (SEE DOCUMENT FOR DETAILS). Assignors: NAS ACQUISITION CORPORATION
Assigned to LSI CORPORATION reassignment LSI CORPORATION ASSIGNMENT OF ASSIGNORS INTEREST (SEE DOCUMENT FOR DETAILS). Assignors: ONSTOR, INC.
Application granted granted Critical
Publication of US7743038B1 publication Critical patent/US7743038B1/en
Assigned to DEUTSCHE BANK AG NEW YORK BRANCH, AS COLLATERAL AGENT reassignment DEUTSCHE BANK AG NEW YORK BRANCH, AS COLLATERAL AGENT PATENT SECURITY AGREEMENT Assignors: AGERE SYSTEMS LLC, LSI CORPORATION
Assigned to AVAGO TECHNOLOGIES GENERAL IP (SINGAPORE) PTE. LTD. reassignment AVAGO TECHNOLOGIES GENERAL IP (SINGAPORE) PTE. LTD. ASSIGNMENT OF ASSIGNORS INTEREST (SEE DOCUMENT FOR DETAILS). Assignors: LSI CORPORATION
Assigned to LSI CORPORATION, AGERE SYSTEMS LLC reassignment LSI CORPORATION TERMINATION AND RELEASE OF SECURITY INTEREST IN PATENT RIGHTS (RELEASES RF 032856-0031) Assignors: DEUTSCHE BANK AG NEW YORK BRANCH, AS COLLATERAL AGENT
Assigned to BANK OF AMERICA, N.A., AS COLLATERAL AGENT reassignment BANK OF AMERICA, N.A., AS COLLATERAL AGENT PATENT SECURITY AGREEMENT Assignors: AVAGO TECHNOLOGIES GENERAL IP (SINGAPORE) PTE. LTD.
Assigned to AVAGO TECHNOLOGIES GENERAL IP (SINGAPORE) PTE. LTD. reassignment AVAGO TECHNOLOGIES GENERAL IP (SINGAPORE) PTE. LTD. TERMINATION AND RELEASE OF SECURITY INTEREST IN PATENTS Assignors: BANK OF AMERICA, N.A., AS COLLATERAL AGENT
Expired - Fee Related legal-status Critical Current
Adjusted expiration legal-status Critical

Links

Images

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F16/00Information retrieval; Database structures therefor; File system structures therefor
    • G06F16/10File systems; File servers
    • G06F16/11File system administration, e.g. details of archiving or snapshots
    • G06F16/122File system administration, e.g. details of archiving or snapshots using management policies
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F16/00Information retrieval; Database structures therefor; File system structures therefor
    • G06F16/10File systems; File servers
    • G06F16/18File system types
    • G06F16/182Distributed file systems
    • G06F16/1824Distributed file systems implemented using Network-attached Storage [NAS] architecture
    • G06F16/1827Management specifically adapted to NAS

Definitions

  • the present invention relates generally to filing systems for a data storage networks and more particularly to inode based policy identifiers in a filing system.
  • Filing systems have the storage capacity to span terabytes and petabytes of data and contain billions of file system objects. With increasing numbers of file system objects, provisioning and controlling space in the filing system requires more than the traditional notion of quota management. Space management for users, groups, and directory trees needs to be able to scale to larger storage capacities and the increasing number of file system objects.
  • file servers e.g., storage area network filers and network attached storage gateways
  • file servers typically duplicate the namespace of the filing system and store metadata alongside the duplicated namespace.
  • the namespace is space reserved by the filing system to contain the names of file system objects, such as a file, directory, and/or sub-directory.
  • the metadata includes additional information about the file system objects.
  • the metadata is used to determine compliance with space and quota management policies, such as disk usage quotas and access control to a file.
  • the file servers depend on maintaining external databases that duplicate the namespace of the filing system.
  • the external databases fail to scale to the increased number of file system objects.
  • the external databases grow too large to provide rapid access to the duplicated namespace.
  • the file system latency is increased because the external database and the namespace of the filing system are referenced when performing file system operations.
  • the file servers often require some limited file system integration, such as mechanisms provided by NetApp and Windows, to intercept the file system operations and for notifications of changes to the namespace such that duplication of the namespace is possible.
  • the file servers may store the metadata in the file system itself.
  • the size of an inode of a file system object is increased to additional space for storing the metadata. Increasing the size of the inode, however, increases the memory and disk footprint of the filing system and decreases the efficiency of file system caches.
  • resource forks such as in Apple's Hierarchical File System Plus (HFS+) and Microsoft's New Technology File System (NTFS) extended attributes, allow metadata storage in a separate part of the file system.
  • parallel metadata files which are files stored in the filing system with extended attributes similar to an inode of a file system object, are used to add information to the namespace.
  • the metadata stored by the resource forks and the parallel metadata files are stored at a different location than the namespace which, much like the external databases, reduces locality of access and increases latency.
  • the file server accesses different locations for both the namespace and the metadata during file system operations.
  • the invention addresses the above problems by providing a filing system for a storage area network with inode based policy identifiers.
  • the filing system includes a processor and a storage device configured to store data.
  • the processor receives an operation to perform on an object of the filing system and retrieves a policy identifier from an inode for the object.
  • the processor determines a policy from the policy identifier and determines whether execution of the operation is in compliance with the policy.
  • the processor also determines an action to perform based on the determination of compliance with the policy.
  • the object comprises a file.
  • the object may also comprise a directory.
  • the filing system quickly retrieves inode based policy identifiers from the inode of the file system object, such as a file, directory, and/or sub-directory.
  • the policy identified by the inode based policy identifier may comprise a quota.
  • the processor may further be configured execute the operation.
  • the action comprises generating and transmitting a message indicating the determination whether execution of the operation is in compliance with the policy.
  • the processor may further be configured to receive user input to define the policy for the filing system and determine the policy identifier for the policy. The processor then determines where in the inode to store the policy identifier and stores the policy identifier in the inode.
  • the processor further may be configured to transmit a policy query including the policy identifier to a policy database and receive a policy query result indicating the policy.
  • the filing system may further comprise the policy database configured to receive the policy query in the policy database and transmit the policy query result based on the policy identifier.
  • a method for operating a filing system for a storage area network includes receiving an operation to perform on an object in the filing system and retrieving a policy identifier from an inode for the object.
  • the method further includes determining a policy from the policy identifier, determining whether execution of the operation is in compliance with the policy, and determining an action to perform based on the determination of compliance with the policy.
  • a software product for a storage area network filing system.
  • the software product includes file system software operational when executed by a processor to direct the processor to receive an operation to perform on an object of the filing system.
  • the file system software directs the processor to retrieve a policy identifier from an inode for the object and determine a policy from the policy identifier.
  • the file system software further directs the processor to determine whether execution of the operation is in compliance with the policy and determine an action to perform based on the determination of compliance with the policy.
  • the filing system with inode based policy identifiers therefore provides a reduced memory and disk footprint in the storage area network because the policy identifiers are stored in the same location as the namespace.
  • the policy identifies are stored in the inode of the file system object rather than in separate and/or parallel metadata which increases the locality of access.
  • the size of the inode is not increased to store an arbitrary number of policy identifiers in the inode to provide better efficiency for file system caches.
  • resource forks in the file system and parallel metadata are not required because changes to the namespace and policy identifier storage may be made in the inode of the file, directory, and/or sub-directory, and not duplicated to an external database or to the parallel metadata.
  • FIG. 1 is an illustration of a system with a network attached storage (NAS) gateway in an exemplary implementation of the invention
  • FIG. 2 depicts an illustration of a system with multiple NAS gateways in an exemplary implementation of the invention
  • FIG. 3 is an illustration of an inode based policy identifier system in an exemplary implementation of the invention
  • FIG. 4 is a flowchart illustrating a method of operation of the NAS gateway for storing policy identifiers in an inode in an exemplary implementation of the invention.
  • FIGS. 5A and 5B are flowcharts illustrating a method of operation of the NAS gateway for retrieving policy identifiers in an inode in an exemplary implementation of the invention.
  • the present invention provides a filing system for a storage area network with inode based policy identifiers.
  • the embodiments discussed herein are illustrative of one example of the present invention.
  • various modifications or adaptations of the methods and/or specific structures described may become apparent to those skilled in the art. All such modifications, adaptations, or variations that rely upon the teachings of the present invention, and through which these teachings have advanced the art, are considered to be within the scope of the present invention.
  • these descriptions and drawings should not be considered in a limiting sense, as it is understood that the present invention is in no way limited to only the embodiments illustrated.
  • FIGS. 1-2 NAS Gateway Configuration and Operation— FIGS. 1-2
  • FIG. 1 is an illustration of a system 100 with a network attached storage (NAS) gateway 110 in an exemplary implementation of the invention.
  • the system includes a local area network (LAN) client 105 , a LAN client 107 , the NAS gateway 110 , a SAN 150 , and storage devices 160 .
  • LAN local area network
  • a LAN client 105 and a LAN client 107 are coupled to the NAS gateway 110 via a LAN 109 .
  • numerous LAN clients 105 and 107 are coupled to the LAN 109 . Only two LAN clients 105 and 107 are shown in FIG. 1 for the sake of simplicity. Other embodiments include any communication network to which clients are connected.
  • the NAS gateway 110 is coupled to a SAN 150 . Although only one NAS gateway 110 is shown, other embodiments comprise a number of NAS gateways 110 coupled between numerous LAN clients and multiple SANs. Although only one SAN 150 is shown for clarity, in various embodiments, there may be numerous SANs 150 coupled to the NAS gateway 110 . There are numerous storage devices 160 such as tape drives, disk drives, disk arrays, tape libraries, and other dedicated and/or shared storage resources that may be coupled to the SAN 150 , but they are not shown for the sake of simplicity and clarity. Other embodiments include any storage network where storage resources are connected in addition to the SAN 150 .
  • the exemplary NAS gateway 110 comprises a field-programmable gate array (FPGA) 112 , a TXRX processor 120 , a file system processor 130 , a user data cache 126 , a file system metadata cache 136 , and a fibre channel central processing unit (CPU) 140 .
  • the NAS gateway 110 is configured to receive a network message in a network protocol from a client (e.g., the LAN client 105 ).
  • the network message is any message or instruction in a network protocol that indicates a request for a file system object.
  • the network protocol is a set of standards or rules determining the format and transmission of data over a communications network.
  • the network protocol of the exemplary embodiment follows Transmission Control Protocol/Internet Protocol (TCP/IP), but may conform to any network protocol, for example, User Datagram Protocol (UDP).
  • TCP/IP Transmission Control Protocol/Internet Protocol
  • UDP User Datagram Protocol
  • the FPGA 112 of the NAS gateway 110 is coupled to the LAN 109 for error correction of received network messages, such as verifying a checksum of the TCP/IP network message.
  • the TXRX processor 120 includes a network central processing unit (CPU) 122 and an applications CPU 124 .
  • the network CPU 122 comprises a single-threaded state machine to perform network protocol processing, such as TCP/IP fragmentation correction, to result in the request for the file system object in the file system protocol to the applications CPU 124 .
  • the request for the file system object is any operation for the file system object, and may include without limitation a file creation request, a file rename request, a file write request, a directory request, a file storage request, and a file retrieval request.
  • the applications CPU 124 comprises a single-threaded state machine that processes the request for the file system object in the file system protocol.
  • the file system protocol is any protocol defining operations to be performed on file system objects. Some examples of the file system protocol are Common Internet File System (CIFS), Network File System (NFS), Network Lock Manager (NLM), or Network Status Monitor (NSM) protocols.
  • CIFS Common Internet File System
  • NFS Network File System
  • the network CPU 122 and the applications CPU 124 are each coupled to a user data cache 126 .
  • the user data cache 126 comprises 2 GB or 4 GB of memory.
  • the network CPU 122 is configured to write to a first partition (not shown) of the user data cache 126 for network protocol (e.g. packet) processing.
  • the applications CPU 124 is configured to write to a second partition (not shown) of the user data cache 126 , for example for state information required by NFS or CIFS (e.g., to denote that CIFS currently has a certain file system object open).
  • the remainder of the user data cache 126 is allocated to storage of file system objects.
  • the network CPU 122 and the applications CPU 124 are each configured to read from the entire address space of the user data cache 126 , including both the first partition and the second partition.
  • the NAS gateway 110 architecture advantageously optimizes cache memory usage without mirroring cache memory. For example, if the request from the LAN client 105 corresponds to a file write request, the network CPU 122 may assemble the corresponding request for the file write request, store the file write request in the user data cache 126 , and then communicate to the applications CPU 124 that the file write request has been received from the LAN client 105 . The applications CPU 124 may read the file write request directly from the user data cache 126 , without mirroring the first partition to a separate memory space directly accessible to the applications CPU 124 .
  • the TXRX processor 120 communicates with the file system processor 130 .
  • the TXRX processor 120 communicates via a Hyper Transport connection 128 with the file system processor 130 .
  • the file system processor 1320 comprises two threaded Symmetric Multiprocessing (SMP) processors, a file system CPU 132 , and a file system CPU 134 , supporting up to 8,000 simultaneous threads.
  • SMP Symmetric Multiprocessing
  • the file system processor 130 drives a journaling file system to determine the storage location of the file system object in the storage network, for example a disk 160 of the SAN 150 , based on a description of the file system object.
  • a file system metadata cache 136 stores inodes of substantially all file system objects stored in the storage network, identified by an inode number (i-number) in the storage network where the file system object resides, with information such as user and group ownership, access mode (e.g., read, write, and execute permissions), file length, time of last write/read, etc.
  • the file system metadata cache 136 includes inodes for substantially all file system objects in the storage network because searching for an inode at an unknown location in the storage network may require significant processor time and system resources.
  • the file system processor 130 if further configured to manage directories and snapshots in the file system metadata cache 136 . Snapshots are for copy-on-write. For example, a block of data on the disk 160 may have multiple references. To prevent a reference from operating on bad data, the file system processor 130 prevents modification of the block of data by a first reference if a second reference is reading the block. Rather than merely preventing the modification of the block of data, the file system processor 130 may write data from the first reference to a second block, and may indicate in the file system metadata cache 136 that the second block is writable.
  • the fibre channel CPU 140 comprises a storage processor coupled between the file system processor 130 and the storage network (e.g., the SAN 150 ).
  • the fibre channel CPU 140 is configured to receive the storage location of the file system object from the file system processor 130 and convert the storage location into one or more commands to the SAN 150 .
  • the commands comprise storage networking protocols such as FC 1 to FC 4 or SCSI commands.
  • the fibre channel CPU 140 of one embodiment comprises four processor slices. In another embodiment, the fibre channel CPU 140 comprises a single processor. The number of fibre channel CPU 140 processors or slices is selected to approximate the data rate of the LAN 109 . In some embodiments, the NAS gateway 110 includes one or more fibre channel ports to interface with the SAN 150 .
  • One feature of the NAS gateway 110 is that information related to the request for the file system object is stored in a non-volatile shared memory in the storage network, for example in a memory (not shown) of the disk 160 , one of a redundant array of independent disks (RAID) of the SAN 150 .
  • RAID storage units typically include large amounts of either non-volatile random access memory (NVRAM) or battery-backed cache memory to achieve high performance, as well as redundant power supplies for fault tolerance.
  • NVRAM non-volatile random access memory
  • the NAS gateway 110 takes advantage of the fact that RAID disks include large amounts of memory and stores information related to the request for the file system object to the RAID non-volatile memory.
  • the memory available for storage of information related to requests scales up.
  • the RAID array itself manages memory and disk transfers. For example, if a RAID disk battery is running low, then the RAID stores data to the physical disk media independently, without requiring support from the NAS gateway 110 .
  • any of the NAS gateways 110 may read data from the RAID disk, so that the RAID disk memory is shared among all of the NAS gateways 110 in the cluster.
  • FIG. 2 depicts an illustration of a system 200 with multiple NAS gateways in an exemplary implementation of the invention.
  • the system 200 includes LAN clients 202 , 204 , 206 , and 208 , LAN clients 212 , 214 , 216 , and 218 , NAS gateway 220 , NAS gateway 230 , storage area network 240 , disk array 250 , disk array 260 , and tape library 270 .
  • a network link 280 interconnects the LAN clients 202 , 204 , 206 , and 208 , the LAN clients 212 , 214 , 216 , and 218 , the NAS gateway 220 , and the NAS gateway 230 .
  • the SAN 240 is connected to the NAS gateway 220 , the NAS gateway 230 , the disk array 250 , the disk array 260 , and the tape library 270 .
  • NAS gateways 220 and 230 are shown in FIG. 2 for the sake of simplicity. Other embodiments may include numerous NAS gateways to expand file storage.
  • One advantage the NAS gateways 220 and 230 provide is high system availability through filer and/or gateway pooling.
  • a multiple NAS gateway configuration such as the system 200 in FIG. 2 eliminates single points of failure in two ways.
  • the multiple NAS gateway configuration permits users or servers to access data through any NAS gateway in a multiple-gateway environment. If the NAS gateway 220 is taken off-line or is experiencing excessive workload, users may easily be migrated to another NAS gateway 230 with no changes in IP address or server names required. For example, if LAN client 202 is accessing the disk array 260 through the NAS gateway 220 and the NAS gateway 220 fails or is overloaded, the LAN client 202 can still access the disk array 260 through the NAS gateway 230 .
  • NAS gateway pooling means that any NAS gateway can access data from any storage array.
  • all data including file system directories and metadata, are stored on shared devices accessible over the SAN 240 . Any NAS gateway can access the data regardless of which NAS gateway stored it.
  • NAS gateways offer petabyte addressability, each NAS gateway has essentially unlimited ability to directly access large pools of data. Unlike most virtual file system implementations, no redirection by another filer/gateway or metadata server is required. By eliminating both single-points-of-failure and performance bottlenecks, this architecture creates a highly robust storage environment.
  • FIG. 3 is an illustration of an inode based policy identifier system 300 in an exemplary implementation of the invention.
  • the inode based policy identifier system 300 includes an inode 305 , a file block 355 , a file block 360 , a file block 365 , and a policy database 370 . Only one inode (e.g., the inode 305 ) is illustrated in FIG. 3 for the sake of simplicity. Other embodiments may include multiple inodes, direct inodes, and indirect inodes.
  • the inode 305 is located, for example, in the file system metadata cache 136 ( FIG. 1 ). In some embodiments, the inode 305 is located in the storage devices 160 ( FIG. 1 ).
  • the file blocks 355 , 360 , and 365 may be stored in the SAN 150 .
  • the policy database 370 may be located in the NAS gateway 110 , or external to the NAS gateway 110 .
  • the inode 305 includes one or more entries having an extent record (e.g., extent records 310 , 325 , and 340 ) and an offset record (e.g., offset records 320 , 335 , and 350 .
  • Each of the extent records includes a policy identifier (ID) (e.g., policy IDs 315 , 330 , and 345 ).
  • ID policy identifier
  • the extent record 310 and the offset record 320 address data stored in the file block 355 .
  • the extent record 325 and the offset record 335 address data stored in the file block 360 .
  • the extent record 340 and the offset record 350 address data stored in the file block 360 .
  • the inode 305 is any file system data structure designated to store information defining a file system object, such as a file, directory, and/or other file system object.
  • the inode 305 includes file size information, where the file system object resides (e.g., the file blocks 355 , 360 , and 365 ), user and group ownership information, access mode (e.g., read, write, and execute permissions), and time of creation, access and/or modification.
  • the inode 305 may include part of b+tree describing the storage of file system objects in the file system.
  • a b+tree is a balanced search tree in which every node (e.g., the inode 305 ) has between the smallest whole number greater than or equal to (M/2) and M children, where M>1 is a fixed integer, and in which keys (e.g., the extent record 310 and the offset record 320 ) are stored in the leaves (i.e., nodes without children).
  • the extent records 310 , 325 , and 340 are any structures or objects that define a start location for a contiguous portion of the file system object.
  • the extent records 310 , 325 , and 340 may also define the size of the contiguous portion.
  • the offset records 320 , 335 , and 350 are any structures or objects that define an offset location from the start location for the contiguous portion of the file system object.
  • the extent records 310 , 325 , and 340 , and the offset records 320 , 335 , and 350 are each 64-bit fields in the inode 305 .
  • the policy IDs 315 , 330 , and 345 are any numbers, references, identifiers, or symbols that identify a policy.
  • the policy IDs 315 , 330 , and 345 are 32-bits of the extent records 310 , 325 , and 340 , respectively that identify one or more policies in the policy database 370 .
  • the policy IDs 315 , 330 , and 345 are 32-bits of the offset records 320 , 335 , and 350 .
  • the policy IDs 315 , 330 , and 345 may each have a corresponding Policy identifier attribute.
  • a policy, identifier attribute is any number, reference, identifier, or symbol that identifies an attribute or property of the policy identified by the policy identifier.
  • the policy identifier attribute comprises the first 10 bits of the policy identifier.
  • the policy identifier attribute comprises a bit mask stored in the inode 305 . The policy identifier attribute allows the NAS gateway 110 to quickly determine whether to look up a policy in the policy database 370 based on the policy identifier attribute.
  • a policy identifier attribute indicates that a policy identifier is not associated with a particular category of file operations (e.g., write operation)
  • the NAS gateway 110 then does not waste time performing unnecessary look ups of the policy in the policy database 370 .
  • the policy database 370 is any system, database, or storage device that stores policies.
  • the policies may be accessed in the policy database 370 by the policy IDs 315 , 330 , and 345 .
  • a policy is any quota, threshold, rule, and/or conditions used to manage access to or control file system resources.
  • a policy may provide space management and may be based on disk space quotas, percentages of file system space, user and group privileges, file system operations, security privileges, date and time, and a relationship to another policy.
  • a policy is a space management policy that tracks and provides quotas based on a file extension.
  • the space management policy limits the size or creation of “.MP3” files.
  • Another example of a policy is to allow quotas to be set in terms of a percentage of the file system size.
  • a policy may allow quotas to be set in terms of a percentage of a patent policy limit.
  • Another policy may combine user, group, and/or tree create rules with a file extension. For example, the policy disallows the creation of certain file types (i.e., with the prohibited file extension) in certain directory trees, or by the specific user and/or group.
  • Deny-read, deny-write, deny-rename, deny-link, allow-read, allow-write, allow-rename, and allow-link policies may be set by file extension, quota, quota tree, user, and group.
  • the NAS gateway 110 advantageously determines applicable policies from the policy IDs 315 , 330 , and 345 .
  • the policy IDs 315 , 330 , and 345 are read from the inode 305 and the policies to which the policy IDs 315 , 330 , and 345 are determined from the policy database 370 .
  • Storing the policy identifiers in the inode 305 rather than in a separate metadata file or parallel metadata inode, increases access proximity and decreases latency. Furthermore, because the size of the inode 305 is not increased to store the policy identifiers, memory and disk footprints are conserved and caching efficiency increases.
  • FIG. 4 is a flowchart illustrating a method of operation of the NAS gateway 110 for storing policy identifiers in an inode (e.g., the inode 305 of FIG. 3 ) in an exemplary implementation of the invention.
  • FIG. 4 begins in step 400 .
  • the NAS gateway 110 receives user input to define a policy for space management of a file system object, such as a file, directory, and/or sub-directory.
  • the user defines the policy with one or more rules to be met for compliance with the policy.
  • the user e.g., the file system administrator
  • File system operations by users to create or store files with the “MP3” extension in the “Accounting” directory violate the policy.
  • the administrative user limits the percentage of disk storage space for “.MPG” files in home directories of users of the system 100 to fifty percent of the disk quota allocated to each user.
  • the NAS gateway 110 assigns a policy identifier (e.g., the policy ID 315 ) to the policy.
  • the NAS gateway 110 assigns a policy identifier attribute to the policy identifier 315 .
  • the file extension policy in which users may not create and store files with an “MP3” extension in the “Accounting” directory, is triggered by file system operations create and rename. A read file system operation, however, may not invoke the file extension policy.
  • the NAS gateway 110 assigns the policy identifier attribute to process the policy identifier 315 for the create and rename file system operations, and not to process the policy identifier 315 for the read file system operation.
  • the NAS gateway 110 determines where to store the policy identifier 315 in the inode 305 of the file, directory, and/or sub-directory. In step 450 , the NAS gateway 110 determines where to store the policy identifier attribute in the inode 305 of the file, directory, and/or sub-directory. In step 460 , the NAS gateway 110 stores the policy identifier 315 (e.g., in the extent record 310 of FIG. 3 ) and the policy identifier attribute in the inode 305 of the file, directory, and/or sub-directory. FIG. 4 ends in step 470 .
  • Storage of the policy identifier 315 in the inode 305 leverages the b+ tree already present in the inode 305 for use in locating where a file's data is stored in the filing system. Since the b+tree is already compact, extensible, provides fast lookup, and is generally contiguous with the inode 305 itself, by using space bits, the policy identifiers may be stored within the b+tree records for similar extensibility and fast retrieval.
  • FIGS. 5A and 5B are flowcharts illustrating a method of operation of the NAS gateway 110 for retrieving policy identifiers in an inode (e.g., the inode 305 of FIG. 3 ) in an exemplary implementation of the invention.
  • FIG. 5A begins in step 500 .
  • the NAS gateway 110 receives a request to perform an operation on a file system object, such as a file, directory, and/or sub-directory based on a filename. Some examples of operations are to read a file, write a file, rename a file, create a file, and delete a file.
  • the NAS gateway 110 identifies an inode (e.g., the inode 305 ) for the file, directory, and/or sub-directory from the filename.
  • an inode e.g., the inode 305
  • the NAS gateway 110 reads the inode 305 for the file, directory, and/or sub-directory.
  • the NAS gateway 110 retrieves a policy identifier attribute from the inode 305 .
  • the NAS gateway 110 determines whether to process a policy identifier (e.g., the policy ID 315 ) based on the policy identifier attribute. For example, before the NAS gateway 110 renames a file, directory, and/or sub-directory, the NAS gateway 110 determines from the policy identifier attributes whether the policy associated with the policy identifier 315 is related to the filename or extension of the file, directory, and/or sub-directory.
  • a policy identifier e.g., the policy ID 315
  • the filename or extension of file is affected by the rename file system operation, and therefore the policy may be invoked. If the policy is independent of the filename, rather than a policy related to the amount of disk space consumed by file system objects with the filename or extension, for example, the NAS gateway 110 quickly skips looking up the policy by the policy identifier 315 . If the NAS gateway 110 determines not to process the policy identifier 315 based on the policy identifier attributes, the method continues to step 590 in FIG. 5B .
  • the NAS gateway 110 determines to process the policy identifier 315 based on the policy identifier attributes, the NAS gateway 110 retrieves the policy identifier 315 from the inode 305 in step 535 .
  • the NAS gateway 110 generates a policy query including the policy identifier 315 .
  • the policy query is any information that identifies the policy.
  • the policy query includes the policy identifier 315 .
  • the policy query includes the policy identifier 315 and the file system operation to be performed.
  • the NAS gateway 110 transmits the policy query to the policy database 370 ( FIG. 3 ).
  • the NAS gateway 110 receives a policy query result from the policy database 370 .
  • the policy query, result includes the policy identified by the policy identifier 315 .
  • the policy query result is any information that the NAS gateway 110 uses to determine whether the operation violates the policy.
  • the policy query result includes the rules that form the policy identified by the policy identifier 315 . The NAS gateway 110 then will apply the rules to the operation on the file, directory, and/or sub-directory to determine whether execution or performance of the operation violates the policy.
  • the returned policy query result includes a binary value: yes—to allow the operation, or no—to disallow the operation.
  • the NAS gateway 110 determines whether the operation on the file, directory, and/or sub-directory violates the policy. For example, if the policy query result includes the rules of the policy, the NAS gateway 110 applies the rules to the operation to determine whether execution or performance of the operation violates the policy. The NAS gateway 110 may simulate performance or execution of the operation on the file, directory, and/or sub-directory to determine whether the operation violates the policy. If the policy is violated, then the NAS gateway 110 reads the data or commits the changes, if any, to the file system.
  • the NAS gateway 110 determines from the “yes” that the operation is in compliance, and from the “no” that the operation is in violation. The NAS gateway 110 therefore does not expend resources simulating the operation on the file, directory, and/or sub-directory to determine compliance or violation of the policy.
  • the NAS gateway 110 then performs the operation on the file, directory, and/or sub-directory in step 585 . If the policy will be violated by the performance of the operation in step 560 , the NAS gateway 110 then determines an action to perform based on the violation of the policy in step 565 . In step 570 , the NAS gateway 110 , for example, sends an e-mail message to a user, such as an administrator, indicating the violation of the policy. In step 575 , the NAS gateway 110 may display a pop-up window on the display of an administrative user, indicating violation of the policy. In step 580 , the NAS gateway 110 may generate a log of the violation of the policy. FIG. 5B ends in step 590 .
  • the above method increases locality of access to the file system object inodes and policy identifiers, and decreases latency when retrieving the policy identifiers. Furthermore, because the size of the inode (e.g., the inode 305 ) is not increased to store the policy identifiers, memory and disk footprints of the file system are conserved and caching efficiency increases.
  • the filing system for a storage area network with inode based policy identifiers therefore receives an operation to perform on an object of the filing system, and retrieves a policy identifier from an inode for the object without the latency of referencing external databases and parallel metadata files.
  • the above-described functions can be comprised of instructions that are stored on storage media.
  • the instructions can be retrieved and executed by a processor.
  • Some examples of instructions are software, program code, and firmware.
  • Some examples of storage media are memory devices, tape, disks, integrated circuits, and servers.
  • the instructions are operational when executed by the processor to direct the processor to operate in accord with the invention. Those skilled in the art are familiar with instructions, processor(s), and storage media.

Abstract

A filing system for a storage area network with inode based policy identifiers is disclosed. The filing system includes a processor and a storage device configured to store data. The processor receives an operation to perform on an object of the filing system and retrieves a policy identifier from an inode for the object. The processor then determines a policy from the policy identifier and determines whether execution of the operation is in compliance with the policy. The processor also determines an action to perform based on the determination of compliance with the policy.

Description

BACKGROUND
1. Technical Field
The present invention relates generally to filing systems for a data storage networks and more particularly to inode based policy identifiers in a filing system.
2. Description of Related Art
Filing systems have the storage capacity to span terabytes and petabytes of data and contain billions of file system objects. With increasing numbers of file system objects, provisioning and controlling space in the filing system requires more than the traditional notion of quota management. Space management for users, groups, and directory trees needs to be able to scale to larger storage capacities and the increasing number of file system objects.
To provision and control space in the filing system, file servers (e.g., storage area network filers and network attached storage gateways) typically duplicate the namespace of the filing system and store metadata alongside the duplicated namespace. The namespace is space reserved by the filing system to contain the names of file system objects, such as a file, directory, and/or sub-directory. The metadata includes additional information about the file system objects. The metadata is used to determine compliance with space and quota management policies, such as disk usage quotas and access control to a file.
Often, the file servers depend on maintaining external databases that duplicate the namespace of the filing system. When the namespace grows to millions or billions of objects, the external databases fail to scale to the increased number of file system objects. The external databases grow too large to provide rapid access to the duplicated namespace. The file system latency is increased because the external database and the namespace of the filing system are referenced when performing file system operations. Additionally, the file servers often require some limited file system integration, such as mechanisms provided by NetApp and Windows, to intercept the file system operations and for notifications of changes to the namespace such that duplication of the namespace is possible.
Because the external databases typically do not scale to the increasing storage capacities, the file servers may store the metadata in the file system itself. In one example, the size of an inode of a file system object is increased to additional space for storing the metadata. Increasing the size of the inode, however, increases the memory and disk footprint of the filing system and decreases the efficiency of file system caches. In another example, resource forks such as in Apple's Hierarchical File System Plus (HFS+) and Microsoft's New Technology File System (NTFS) extended attributes, allow metadata storage in a separate part of the file system. Similarly, parallel metadata files, which are files stored in the filing system with extended attributes similar to an inode of a file system object, are used to add information to the namespace. However, the metadata stored by the resource forks and the parallel metadata files are stored at a different location than the namespace which, much like the external databases, reduces locality of access and increases latency. The file server accesses different locations for both the namespace and the metadata during file system operations.
SUMMARY OF THE INVENTION
The invention addresses the above problems by providing a filing system for a storage area network with inode based policy identifiers. The filing system includes a processor and a storage device configured to store data. The processor receives an operation to perform on an object of the filing system and retrieves a policy identifier from an inode for the object. The processor then determines a policy from the policy identifier and determines whether execution of the operation is in compliance with the policy. The processor also determines an action to perform based on the determination of compliance with the policy.
In some embodiments, the object comprises a file. The object may also comprise a directory. Advantageously, the filing system quickly retrieves inode based policy identifiers from the inode of the file system object, such as a file, directory, and/or sub-directory. The policy identified by the inode based policy identifier may comprise a quota. The processor may further be configured execute the operation.
In some embodiments, the action comprises generating and transmitting a message indicating the determination whether execution of the operation is in compliance with the policy. The processor may further be configured to receive user input to define the policy for the filing system and determine the policy identifier for the policy. The processor then determines where in the inode to store the policy identifier and stores the policy identifier in the inode.
The processor further may be configured to transmit a policy query including the policy identifier to a policy database and receive a policy query result indicating the policy. The filing system may further comprise the policy database configured to receive the policy query in the policy database and transmit the policy query result based on the policy identifier.
A method is provided for operating a filing system for a storage area network. The method includes receiving an operation to perform on an object in the filing system and retrieving a policy identifier from an inode for the object. The method further includes determining a policy from the policy identifier, determining whether execution of the operation is in compliance with the policy, and determining an action to perform based on the determination of compliance with the policy.
A software product is provided for a storage area network filing system. The software product includes file system software operational when executed by a processor to direct the processor to receive an operation to perform on an object of the filing system. The file system software directs the processor to retrieve a policy identifier from an inode for the object and determine a policy from the policy identifier. The file system software further directs the processor to determine whether execution of the operation is in compliance with the policy and determine an action to perform based on the determination of compliance with the policy.
The filing system with inode based policy identifiers therefore provides a reduced memory and disk footprint in the storage area network because the policy identifiers are stored in the same location as the namespace. The policy identifies are stored in the inode of the file system object rather than in separate and/or parallel metadata which increases the locality of access. Furthermore, the size of the inode is not increased to store an arbitrary number of policy identifiers in the inode to provide better efficiency for file system caches. Moreover, resource forks in the file system and parallel metadata are not required because changes to the namespace and policy identifier storage may be made in the inode of the file, directory, and/or sub-directory, and not duplicated to an external database or to the parallel metadata.
BRIEF DESCRIPTION OF THE DRAWINGS
FIG. 1 is an illustration of a system with a network attached storage (NAS) gateway in an exemplary implementation of the invention;
FIG. 2 depicts an illustration of a system with multiple NAS gateways in an exemplary implementation of the invention;
FIG. 3 is an illustration of an inode based policy identifier system in an exemplary implementation of the invention;
FIG. 4 is a flowchart illustrating a method of operation of the NAS gateway for storing policy identifiers in an inode in an exemplary implementation of the invention; and
FIGS. 5A and 5B are flowcharts illustrating a method of operation of the NAS gateway for retrieving policy identifiers in an inode in an exemplary implementation of the invention.
 DETAILED DESCRIPTION OF THE INVENTION
The present invention provides a filing system for a storage area network with inode based policy identifiers. In order to better understand the present invention, aspects of the within which the invention operates will first be described. The embodiments discussed herein are illustrative of one example of the present invention. As these embodiments of the present invention are described with reference to illustrations, various modifications or adaptations of the methods and/or specific structures described may become apparent to those skilled in the art. All such modifications, adaptations, or variations that rely upon the teachings of the present invention, and through which these teachings have advanced the art, are considered to be within the scope of the present invention. Hence, these descriptions and drawings should not be considered in a limiting sense, as it is understood that the present invention is in no way limited to only the embodiments illustrated.
NAS Gateway Configuration and Operation—FIGS. 1-2
FIG. 1 is an illustration of a system 100 with a network attached storage (NAS) gateway 110 in an exemplary implementation of the invention. The system includes a local area network (LAN) client 105, a LAN client 107, the NAS gateway 110, a SAN 150, and storage devices 160.
A LAN client 105 and a LAN client 107 are coupled to the NAS gateway 110 via a LAN 109. In various embodiments, numerous LAN clients 105 and 107 are coupled to the LAN 109. Only two LAN clients 105 and 107 are shown in FIG. 1 for the sake of simplicity. Other embodiments include any communication network to which clients are connected.
The NAS gateway 110 is coupled to a SAN 150. Although only one NAS gateway 110 is shown, other embodiments comprise a number of NAS gateways 110 coupled between numerous LAN clients and multiple SANs. Although only one SAN 150 is shown for clarity, in various embodiments, there may be numerous SANs 150 coupled to the NAS gateway 110. There are numerous storage devices 160 such as tape drives, disk drives, disk arrays, tape libraries, and other dedicated and/or shared storage resources that may be coupled to the SAN 150, but they are not shown for the sake of simplicity and clarity. Other embodiments include any storage network where storage resources are connected in addition to the SAN 150.
The exemplary NAS gateway 110 comprises a field-programmable gate array (FPGA) 112, a TXRX processor 120, a file system processor 130, a user data cache 126, a file system metadata cache 136, and a fibre channel central processing unit (CPU) 140. The NAS gateway 110 is configured to receive a network message in a network protocol from a client (e.g., the LAN client 105). The network message is any message or instruction in a network protocol that indicates a request for a file system object. The network protocol is a set of standards or rules determining the format and transmission of data over a communications network. The network protocol of the exemplary embodiment follows Transmission Control Protocol/Internet Protocol (TCP/IP), but may conform to any network protocol, for example, User Datagram Protocol (UDP). The FPGA 112 of the NAS gateway 110 is coupled to the LAN 109 for error correction of received network messages, such as verifying a checksum of the TCP/IP network message.
The TXRX processor 120 includes a network central processing unit (CPU) 122 and an applications CPU 124. In one embodiment, the network CPU 122 comprises a single-threaded state machine to perform network protocol processing, such as TCP/IP fragmentation correction, to result in the request for the file system object in the file system protocol to the applications CPU 124. The request for the file system object is any operation for the file system object, and may include without limitation a file creation request, a file rename request, a file write request, a directory request, a file storage request, and a file retrieval request. In one embodiment, the applications CPU 124 comprises a single-threaded state machine that processes the request for the file system object in the file system protocol. The file system protocol is any protocol defining operations to be performed on file system objects. Some examples of the file system protocol are Common Internet File System (CIFS), Network File System (NFS), Network Lock Manager (NLM), or Network Status Monitor (NSM) protocols.
The network CPU 122 and the applications CPU 124 are each coupled to a user data cache 126. In some embodiments, the user data cache 126 comprises 2 GB or 4 GB of memory. The network CPU 122 is configured to write to a first partition (not shown) of the user data cache 126 for network protocol (e.g. packet) processing. The applications CPU 124 is configured to write to a second partition (not shown) of the user data cache 126, for example for state information required by NFS or CIFS (e.g., to denote that CIFS currently has a certain file system object open). The remainder of the user data cache 126 is allocated to storage of file system objects. The network CPU 122 and the applications CPU 124 are each configured to read from the entire address space of the user data cache 126, including both the first partition and the second partition.
By allocating specific memory partitions for each CPU of the TXRX processor 120, the NAS gateway 110 architecture advantageously optimizes cache memory usage without mirroring cache memory. For example, if the request from the LAN client 105 corresponds to a file write request, the network CPU 122 may assemble the corresponding request for the file write request, store the file write request in the user data cache 126, and then communicate to the applications CPU 124 that the file write request has been received from the LAN client 105. The applications CPU 124 may read the file write request directly from the user data cache 126, without mirroring the first partition to a separate memory space directly accessible to the applications CPU 124.
The TXRX processor 120 communicates with the file system processor 130. In one embodiment, the TXRX processor 120 communicates via a Hyper Transport connection 128 with the file system processor 130. In one embodiment, the file system processor 1320 comprises two threaded Symmetric Multiprocessing (SMP) processors, a file system CPU 132, and a file system CPU 134, supporting up to 8,000 simultaneous threads.
The file system processor 130 drives a journaling file system to determine the storage location of the file system object in the storage network, for example a disk 160 of the SAN 150, based on a description of the file system object. A file system metadata cache 136 stores inodes of substantially all file system objects stored in the storage network, identified by an inode number (i-number) in the storage network where the file system object resides, with information such as user and group ownership, access mode (e.g., read, write, and execute permissions), file length, time of last write/read, etc. The file system metadata cache 136 includes inodes for substantially all file system objects in the storage network because searching for an inode at an unknown location in the storage network may require significant processor time and system resources.
The file system processor 130 if further configured to manage directories and snapshots in the file system metadata cache 136. Snapshots are for copy-on-write. For example, a block of data on the disk 160 may have multiple references. To prevent a reference from operating on bad data, the file system processor 130 prevents modification of the block of data by a first reference if a second reference is reading the block. Rather than merely preventing the modification of the block of data, the file system processor 130 may write data from the first reference to a second block, and may indicate in the file system metadata cache 136 that the second block is writable.
The fibre channel CPU 140 comprises a storage processor coupled between the file system processor 130 and the storage network (e.g., the SAN 150). The fibre channel CPU 140 is configured to receive the storage location of the file system object from the file system processor 130 and convert the storage location into one or more commands to the SAN 150. In various embodiments, the commands comprise storage networking protocols such as FC1 to FC4 or SCSI commands.
The fibre channel CPU 140 of one embodiment comprises four processor slices. In another embodiment, the fibre channel CPU 140 comprises a single processor. The number of fibre channel CPU 140 processors or slices is selected to approximate the data rate of the LAN 109. In some embodiments, the NAS gateway 110 includes one or more fibre channel ports to interface with the SAN 150.
One feature of the NAS gateway 110 is that information related to the request for the file system object is stored in a non-volatile shared memory in the storage network, for example in a memory (not shown) of the disk 160, one of a redundant array of independent disks (RAID) of the SAN 150. RAID storage units typically include large amounts of either non-volatile random access memory (NVRAM) or battery-backed cache memory to achieve high performance, as well as redundant power supplies for fault tolerance. In some embodiments, the NAS gateway 110 takes advantage of the fact that RAID disks include large amounts of memory and stores information related to the request for the file system object to the RAID non-volatile memory. Advantageously, with each additional RAID array added in the SAN 150, the memory available for storage of information related to requests scales up. Further, the RAID array itself manages memory and disk transfers. For example, if a RAID disk battery is running low, then the RAID stores data to the physical disk media independently, without requiring support from the NAS gateway 110. Furthermore, for a cluster of NAS gateways 110 coupled to the SAN 150, any of the NAS gateways 110 may read data from the RAID disk, so that the RAID disk memory is shared among all of the NAS gateways 110 in the cluster.
FIG. 2 depicts an illustration of a system 200 with multiple NAS gateways in an exemplary implementation of the invention. The system 200 includes LAN clients 202, 204, 206, and 208, LAN clients 212, 214, 216, and 218, NAS gateway 220, NAS gateway 230, storage area network 240, disk array 250, disk array 260, and tape library 270. A network link 280 interconnects the LAN clients 202, 204, 206, and 208, the LAN clients 212, 214, 216, and 218, the NAS gateway 220, and the NAS gateway 230. The SAN 240 is connected to the NAS gateway 220, the NAS gateway 230, the disk array 250, the disk array 260, and the tape library 270.
Only two NAS gateways 220 and 230 are shown in FIG. 2 for the sake of simplicity. Other embodiments may include numerous NAS gateways to expand file storage. One advantage the NAS gateways 220 and 230 provide is high system availability through filer and/or gateway pooling. A multiple NAS gateway configuration such as the system 200 in FIG. 2 eliminates single points of failure in two ways. First, the multiple NAS gateway configuration permits users or servers to access data through any NAS gateway in a multiple-gateway environment. If the NAS gateway 220 is taken off-line or is experiencing excessive workload, users may easily be migrated to another NAS gateway 230 with no changes in IP address or server names required. For example, if LAN client 202 is accessing the disk array 260 through the NAS gateway 220 and the NAS gateway 220 fails or is overloaded, the LAN client 202 can still access the disk array 260 through the NAS gateway 230.
Second, NAS gateway pooling means that any NAS gateway can access data from any storage array. In the NAS gateway environment such as system 200, all data, including file system directories and metadata, are stored on shared devices accessible over the SAN 240. Any NAS gateway can access the data regardless of which NAS gateway stored it. Because NAS gateways offer petabyte addressability, each NAS gateway has essentially unlimited ability to directly access large pools of data. Unlike most virtual file system implementations, no redirection by another filer/gateway or metadata server is required. By eliminating both single-points-of-failure and performance bottlenecks, this architecture creates a highly robust storage environment.
Inode Based Policy Identifiers—FIGS. 3-5B
FIG. 3 is an illustration of an inode based policy identifier system 300 in an exemplary implementation of the invention. The inode based policy identifier system 300 includes an inode 305, a file block 355, a file block 360, a file block 365, and a policy database 370. Only one inode (e.g., the inode 305) is illustrated in FIG. 3 for the sake of simplicity. Other embodiments may include multiple inodes, direct inodes, and indirect inodes. The inode 305 is located, for example, in the file system metadata cache 136 (FIG. 1). In some embodiments, the inode 305 is located in the storage devices 160 (FIG. 1). The file blocks 355, 360, and 365 may be stored in the SAN 150. The policy database 370 may be located in the NAS gateway 110, or external to the NAS gateway 110.
The inode 305 includes one or more entries having an extent record (e.g., extent records 310, 325, and 340) and an offset record (e.g., offset records 320, 335, and 350. Each of the extent records includes a policy identifier (ID) (e.g., policy IDs 315, 330, and 345). The extent record 310 and the offset record 320 address data stored in the file block 355. The extent record 325 and the offset record 335 address data stored in the file block 360. The extent record 340 and the offset record 350 address data stored in the file block 360.
The inode 305 is any file system data structure designated to store information defining a file system object, such as a file, directory, and/or other file system object. In one example, the inode 305 includes file size information, where the file system object resides (e.g., the file blocks 355, 360, and 365), user and group ownership information, access mode (e.g., read, write, and execute permissions), and time of creation, access and/or modification. The inode 305 may include part of b+tree describing the storage of file system objects in the file system. A b+tree is a balanced search tree in which every node (e.g., the inode 305) has between the smallest whole number greater than or equal to (M/2) and M children, where M>1 is a fixed integer, and in which keys (e.g., the extent record 310 and the offset record 320) are stored in the leaves (i.e., nodes without children).
The extent records 310, 325, and 340 are any structures or objects that define a start location for a contiguous portion of the file system object. The extent records 310, 325, and 340 may also define the size of the contiguous portion. The offset records 320, 335, and 350 are any structures or objects that define an offset location from the start location for the contiguous portion of the file system object. In one example, the extent records 310, 325, and 340, and the offset records 320, 335, and 350 are each 64-bit fields in the inode 305.
The policy IDs 315, 330, and 345 are any numbers, references, identifiers, or symbols that identify a policy. For example, the policy IDs 315, 330, and 345 are 32-bits of the extent records 310, 325, and 340, respectively that identify one or more policies in the policy database 370. In some embodiments, the policy IDs 315, 330, and 345 are 32-bits of the offset records 320, 335, and 350.
The policy IDs 315, 330, and 345 may each have a corresponding Policy identifier attribute. A policy, identifier attribute is any number, reference, identifier, or symbol that identifies an attribute or property of the policy identified by the policy identifier. For example, the policy identifier attribute comprises the first 10 bits of the policy identifier. In another example, the policy identifier attribute comprises a bit mask stored in the inode 305. The policy identifier attribute allows the NAS gateway 110 to quickly determine whether to look up a policy in the policy database 370 based on the policy identifier attribute. For example, if a policy identifier attribute indicates that a policy identifier is not associated with a particular category of file operations (e.g., write operation), the NAS gateway 110 then does not waste time performing unnecessary look ups of the policy in the policy database 370.
The policy database 370 is any system, database, or storage device that stores policies. The policies may be accessed in the policy database 370 by the policy IDs 315, 330, and 345. A policy is any quota, threshold, rule, and/or conditions used to manage access to or control file system resources. A policy may provide space management and may be based on disk space quotas, percentages of file system space, user and group privileges, file system operations, security privileges, date and time, and a relationship to another policy.
One example of a policy is a space management policy that tracks and provides quotas based on a file extension. For example, the space management policy limits the size or creation of “.MP3” files. Another example of a policy is to allow quotas to be set in terms of a percentage of the file system size. A policy may allow quotas to be set in terms of a percentage of a patent policy limit. Another policy may combine user, group, and/or tree create rules with a file extension. For example, the policy disallows the creation of certain file types (i.e., with the prohibited file extension) in certain directory trees, or by the specific user and/or group. Deny-read, deny-write, deny-rename, deny-link, allow-read, allow-write, allow-rename, and allow-link policies may be set by file extension, quota, quota tree, user, and group.
The NAS gateway 110 advantageously determines applicable policies from the policy IDs 315, 330, and 345. The policy IDs 315, 330, and 345 are read from the inode 305 and the policies to which the policy IDs 315, 330, and 345 are determined from the policy database 370. Storing the policy identifiers in the inode 305, rather than in a separate metadata file or parallel metadata inode, increases access proximity and decreases latency. Furthermore, because the size of the inode 305 is not increased to store the policy identifiers, memory and disk footprints are conserved and caching efficiency increases.
FIG. 4 is a flowchart illustrating a method of operation of the NAS gateway 110 for storing policy identifiers in an inode (e.g., the inode 305 of FIG. 3) in an exemplary implementation of the invention. FIG. 4 begins in step 400. In step 410, the NAS gateway 110 receives user input to define a policy for space management of a file system object, such as a file, directory, and/or sub-directory. The user defines the policy with one or more rules to be met for compliance with the policy.
For example, the user (e.g., the file system administrator) defines a file extension policy in which files with an “MP3” extension cannot be read, written, created, and linked in the “Accounting” directory. File system operations by users to create or store files with the “MP3” extension in the “Accounting” directory violate the policy. In another example, the administrative user limits the percentage of disk storage space for “.MPG” files in home directories of users of the system 100 to fifty percent of the disk quota allocated to each user.
In step 420, the NAS gateway 110 assigns a policy identifier (e.g., the policy ID 315) to the policy. In step 430, the NAS gateway 110 assigns a policy identifier attribute to the policy identifier 315. For example, the file extension policy in which users may not create and store files with an “MP3” extension in the “Accounting” directory, is triggered by file system operations create and rename. A read file system operation, however, may not invoke the file extension policy. The NAS gateway 110 assigns the policy identifier attribute to process the policy identifier 315 for the create and rename file system operations, and not to process the policy identifier 315 for the read file system operation.
In step 440, the NAS gateway 110 determines where to store the policy identifier 315 in the inode 305 of the file, directory, and/or sub-directory. In step 450, the NAS gateway 110 determines where to store the policy identifier attribute in the inode 305 of the file, directory, and/or sub-directory. In step 460, the NAS gateway 110 stores the policy identifier 315 (e.g., in the extent record 310 of FIG. 3) and the policy identifier attribute in the inode 305 of the file, directory, and/or sub-directory. FIG. 4 ends in step 470.
Storage of the policy identifier 315 in the inode 305, in the example, leverages the b+ tree already present in the inode 305 for use in locating where a file's data is stored in the filing system. Since the b+tree is already compact, extensible, provides fast lookup, and is generally contiguous with the inode 305 itself, by using space bits, the policy identifiers may be stored within the b+tree records for similar extensibility and fast retrieval.
FIGS. 5A and 5B are flowcharts illustrating a method of operation of the NAS gateway 110 for retrieving policy identifiers in an inode (e.g., the inode 305 of FIG. 3) in an exemplary implementation of the invention. FIG. 5A begins in step 500. In step 505, the NAS gateway 110 receives a request to perform an operation on a file system object, such as a file, directory, and/or sub-directory based on a filename. Some examples of operations are to read a file, write a file, rename a file, create a file, and delete a file. In step 510, the NAS gateway 110 identifies an inode (e.g., the inode 305) for the file, directory, and/or sub-directory from the filename.
In step 515, the NAS gateway 110 reads the inode 305 for the file, directory, and/or sub-directory. In step 520, the NAS gateway 110 retrieves a policy identifier attribute from the inode 305. In step 530, the NAS gateway 110 determines whether to process a policy identifier (e.g., the policy ID 315) based on the policy identifier attribute. For example, before the NAS gateway 110 renames a file, directory, and/or sub-directory, the NAS gateway 110 determines from the policy identifier attributes whether the policy associated with the policy identifier 315 is related to the filename or extension of the file, directory, and/or sub-directory. The filename or extension of file is affected by the rename file system operation, and therefore the policy may be invoked. If the policy is independent of the filename, rather than a policy related to the amount of disk space consumed by file system objects with the filename or extension, for example, the NAS gateway 110 quickly skips looking up the policy by the policy identifier 315. If the NAS gateway 110 determines not to process the policy identifier 315 based on the policy identifier attributes, the method continues to step 590 in FIG. 5B.
If the NAS gateway 110 determines to process the policy identifier 315 based on the policy identifier attributes, the NAS gateway 110 retrieves the policy identifier 315 from the inode 305 in step 535. In step 540, the NAS gateway 110 generates a policy query including the policy identifier 315. The policy query is any information that identifies the policy. For example, the policy query includes the policy identifier 315. In another example, the policy query includes the policy identifier 315 and the file system operation to be performed. In step 545, the NAS gateway 110 transmits the policy query to the policy database 370 (FIG. 3).
In step 550, the NAS gateway 110 receives a policy query result from the policy database 370. In this example, the policy query, result includes the policy identified by the policy identifier 315. The policy query result is any information that the NAS gateway 110 uses to determine whether the operation violates the policy. In one example, the policy query result includes the rules that form the policy identified by the policy identifier 315. The NAS gateway 110 then will apply the rules to the operation on the file, directory, and/or sub-directory to determine whether execution or performance of the operation violates the policy. In another example, after the NAS gateway 110 transmits the policy query which includes the policy identifier 315 and details of the operation and the file, directory, and/or sub-directory, the returned policy query result includes a binary value: yes—to allow the operation, or no—to disallow the operation.
In step 555, the NAS gateway 110 determines whether the operation on the file, directory, and/or sub-directory violates the policy. For example, if the policy query result includes the rules of the policy, the NAS gateway 110 applies the rules to the operation to determine whether execution or performance of the operation violates the policy. The NAS gateway 110 may simulate performance or execution of the operation on the file, directory, and/or sub-directory to determine whether the operation violates the policy. If the policy is violated, then the NAS gateway 110 reads the data or commits the changes, if any, to the file system. If the policy query result includes the binary value: yes—to allow the operation, or no—to disallow the operation, the NAS gateway 110 determines from the “yes” that the operation is in compliance, and from the “no” that the operation is in violation. The NAS gateway 110 therefore does not expend resources simulating the operation on the file, directory, and/or sub-directory to determine compliance or violation of the policy.
If the policy will not be violated by the performance of the operation in step 560, the NAS gateway 110 then performs the operation on the file, directory, and/or sub-directory in step 585. If the policy will be violated by the performance of the operation in step 560, the NAS gateway 110 then determines an action to perform based on the violation of the policy in step 565. In step 570, the NAS gateway 110, for example, sends an e-mail message to a user, such as an administrator, indicating the violation of the policy. In step 575, the NAS gateway 110 may display a pop-up window on the display of an administrative user, indicating violation of the policy. In step 580, the NAS gateway 110 may generate a log of the violation of the policy. FIG. 5B ends in step 590.
Therefore, rather than storing the policy identifiers in a separate metadata file or parallel metadata inode, the above method increases locality of access to the file system object inodes and policy identifiers, and decreases latency when retrieving the policy identifiers. Furthermore, because the size of the inode (e.g., the inode 305) is not increased to store the policy identifiers, memory and disk footprints of the file system are conserved and caching efficiency increases. The filing system for a storage area network with inode based policy identifiers therefore receives an operation to perform on an object of the filing system, and retrieves a policy identifier from an inode for the object without the latency of referencing external databases and parallel metadata files.
The above-described functions can be comprised of instructions that are stored on storage media. The instructions can be retrieved and executed by a processor. Some examples of instructions are software, program code, and firmware. Some examples of storage media are memory devices, tape, disks, integrated circuits, and servers. The instructions are operational when executed by the processor to direct the processor to operate in accord with the invention. Those skilled in the art are familiar with instructions, processor(s), and storage media.
The above description is illustrative and not restrictive. Many variations of the invention will become apparent to those of skill in the art upon review of this disclosure. The scope of the invention should, therefore, be determined not with reference to the above description, but instead should be determined with reference to the appended claims along with their full scope of equivalents.

Claims (27)

1. A method for operating a filing system for a storage area network, the method comprising:
receiving an operation to perform on an object in the filing system, wherein the object is represented by a b+ tree in the filing system, wherein information relating to the operation to perform on the object in the filing system is stored in a non-volatile shared memory in the storage area network;
retrieving a policy identifier from a localized, nonparallel inode for the object, the policy identifier including a policy identifier attribute;
determining a policy from the policy identifier;
determining whether execution of the operation is in compliance with the policy; and
determining an action to perform based on the determination of compliance with the policy,
wherein the policy identifier attribute includes at least one number, reference, identifier, or symbol identifying an attribute or a property of the policy,
wherein a network attached storage gateway determines whether to look up the policy in a policy database based on the policy identifier attribute.
2. The method of claim 1 wherein the object comprises a file.
3. The method of claim 1 wherein the object comprises a directory.
4. The method of claim 1 wherein the policy comprises a quota.
5. The method of claim 1, further comprising executing the operation.
6. The method of claim 1 wherein the action comprises generating and transmitting a message indicating the determination whether execution of the operation is in compliance with the policy.
7. The method of claim 1, further comprising:
receiving user input to define the policy for the filing system;
determining the policy identifier for the policy;
determining where in the inode to store the policy identifier; and
storing the policy identifier in the inode.
8. The method of claim 1 wherein determining the policy from the policy identifier further comprises:
transmitting a policy query including the policy identifier to the policy database; and
receiving a policy query result indicating the policy.
9. The method of claim 8 further comprises:
receiving the policy query in the policy database; and
transmitting the policy query result from the policy database based on the policy identifier.
10. A filing system for a storage area network, the filing system comprising:
a processor configured to receive an operation to perform on an object of the filing system, retrieve a policy identifier from a localized, nonparallel inode for the object, determine a policy from the policy identifier, determine whether execution of the operation is in compliance with the policy, and determine an action to perform based on the determination of compliance with the policy; and
a storage device coupled to the processor and configured to store data,
wherein information relating to the operation to perform on the object in the filing system is stored in a non-volatile shared memory in the storage area network,
wherein the object is represented by a b+ tree in the filing system,
wherein the policy identifier includes a policy identifier attribute, the policy identifier attribute including at least one number, reference, identifier, or symbol identifying an attribute or a property of the policy,
wherein a network attached storage gateway determines whether to look up the policy in a policy database based on the policy identifier attribute.
11. The filing system of claim 10 wherein the object comprises a file.
12. The filing system of claim 10 wherein the object comprises a directory.
13. The filing system of claim 10 wherein the policy comprises a quota.
14. The filing system of claim 10 wherein the processor is further configured to execute the operation.
15. The filing system of claim 10 wherein the action comprises generating and transmitting a message indicating the determination whether execution of the operation is in compliance with the policy.
16. The filing system of claim 10 wherein the processor is further configured to receive user input to define the policy for the filing system, determine the policy identifier for the policy, determine where in the inode to store the policy identifier, and store the policy identifier in the inode.
17. The filing system of claim 10 wherein the processor is further configured to transmit a policy query including the policy identifier to the policy database, and receive a policy query result indicating the policy.
18. The filing system of claim 17, further comprising the policy database configured to receive the policy query in the policy database and transmit the policy query result based on the policy identifier.
19. A software product for a storage area network filing system, the software product comprising:
file system software operational when executed by a processor to direct the processor to receive an operation to perform on an object of the filing system, retrieve a policy identifier from a localized, nonparallel inode for the object, determine a policy from the policy identifier, determine whether execution of the operation is in compliance with the policy, and determine an action to perform based on the determination of compliance with the policy; and
a software storage medium operational to store the file system software
wherein information relating to the operation to perform on the object in the filing system is stored in a non-volatile shared memory in the storage area network,
wherein the object is represented by a b+tree in the filing system,
wherein the policy identifier includes a policy identifier attribute, the policy identifier attribute including at least one number, reference, identifier, or symbol identifying an attribute or a property of the policy,
wherein a network attached storage gateway determines whether to look up the policy in a policy database based on the policy identifier attribute.
20. The software product of claim 19 wherein the object comprises a file.
21. The software product of claim 19 wherein the object comprises a directory.
22. The software product of claim 19 wherein the policy comprises a quota.
23. The software product of claim 19 wherein the file system software is operational when executed by the processor to direct the processor to execute the operation.
24. The software product of claim 19 wherein the file system software is operational when executed by the processor to direct the processor to generate and transmit a message indicating the determination whether execution of the operation is in compliance with the policy.
25. The software product of claim 19 wherein the file system software is operational when executed by the processor to direct the processor to receive user input to define the policy for the filing system, determine the policy identifier for the policy, determine where in the inode to store the policy identifier, and store the policy identifier in the inode.
26. The software product of claim 19 wherein the file system software is operational when executed by the processor to direct the processor to transmit a policy query including the policy identifier to the policy database and receive a policy query result indicating the policy.
27. The software product of claim 26 wherein the policy database is configured to receive the policy query in the policy query database and transmit the policy query result from the policy database based on the policy identifier.
US11/212,304 2005-08-24 2005-08-24 Inode based policy identifiers in a filing system Expired - Fee Related US7743038B1 (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
US11/212,304 US7743038B1 (en) 2005-08-24 2005-08-24 Inode based policy identifiers in a filing system

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
US11/212,304 US7743038B1 (en) 2005-08-24 2005-08-24 Inode based policy identifiers in a filing system

Publications (1)

Publication Number Publication Date
US7743038B1 true US7743038B1 (en) 2010-06-22

Family

ID=42260736

Family Applications (1)

Application Number Title Priority Date Filing Date
US11/212,304 Expired - Fee Related US7743038B1 (en) 2005-08-24 2005-08-24 Inode based policy identifiers in a filing system

Country Status (1)

Country Link
US (1) US7743038B1 (en)

Cited By (35)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20080256599A1 (en) * 2007-04-16 2008-10-16 Samsung Electronics Co., Ltd. Apparatus and method for protecting system in virtualized environment
US20100024030A1 (en) * 2008-07-23 2010-01-28 Microsoft Corporation Restartable transformation automaton
US20120131063A1 (en) * 2009-07-02 2012-05-24 Laberge Tim Method for reliable and efficient filesystem metadata conversion
US20130148668A1 (en) * 2011-12-09 2013-06-13 Brian Kean Intelligent traffic quota management
US20140237163A1 (en) * 2013-02-19 2014-08-21 Lsi Corporation Reducing writes to solid state drive cache memories of storage controllers
US8886611B2 (en) 2010-09-30 2014-11-11 Axcient, Inc. Systems and methods for restoring a file
US8954544B2 (en) 2010-09-30 2015-02-10 Axcient, Inc. Cloud-based virtual machines and offices
US9178767B2 (en) 2011-12-09 2015-11-03 Telefonaktiebolaget L M Ericsson (Publ) Intelligent traffic quota management in split-architecture networks
US9213607B2 (en) 2010-09-30 2015-12-15 Axcient, Inc. Systems, methods, and media for synthesizing views of file system backups
US9235474B1 (en) * 2011-02-17 2016-01-12 Axcient, Inc. Systems and methods for maintaining a virtual failover volume of a target computing system
US20160054931A1 (en) * 2014-08-20 2016-02-25 Sandisk Technologies Inc. Storage devices and methods for optimizing use of storage devices based on storage device parsing of file system metadata in host write operations
US9292153B1 (en) 2013-03-07 2016-03-22 Axcient, Inc. Systems and methods for providing efficient and focused visualization of data
US9397907B1 (en) 2013-03-07 2016-07-19 Axcient, Inc. Protection status determinations for computing devices
US9563382B2 (en) 2014-06-05 2017-02-07 Sandisk Technologies Llc Methods, systems, and computer readable media for providing flexible host memory buffer
US9705730B1 (en) 2013-05-07 2017-07-11 Axcient, Inc. Cloud storage using Merkle trees
US9785647B1 (en) 2012-10-02 2017-10-10 Axcient, Inc. File system virtualization
US9852140B1 (en) 2012-11-07 2017-12-26 Axcient, Inc. Efficient file replication
US9927997B2 (en) 2015-12-21 2018-03-27 Sandisk Technologies Llc Methods, systems, and computer readable media for automatically and selectively enabling burst mode operation in a storage device
US10007442B2 (en) 2014-08-20 2018-06-26 Sandisk Technologies Llc Methods, systems, and computer readable media for automatically deriving hints from accesses to a storage device and from file system metadata and for optimizing utilization of the storage device based on the hints
US10037341B1 (en) * 2014-03-31 2018-07-31 EMC IP Holding Company LLC Nesting tree quotas within a filesystem
US10140304B1 (en) * 2015-12-10 2018-11-27 EMC IP Holding Company LLC Distributed metadata servers in a file system with separate metadata servers for file metadata and directory metadata
US10242025B2 (en) * 2015-10-27 2019-03-26 Netapp, Inc. Efficient differential techniques for metafiles
US10268584B2 (en) 2014-08-20 2019-04-23 Sandisk Technologies Llc Adaptive host memory buffer (HMB) caching using unassisted hinting
US10284437B2 (en) 2010-09-30 2019-05-07 Efolder, Inc. Cloud-based virtual machines and offices
US10467188B2 (en) * 2009-12-08 2019-11-05 Netapp, Inc. In-line policy management with multi-level object handle
US10521118B2 (en) 2016-07-13 2019-12-31 Sandisk Technologies Llc Methods, systems, and computer readable media for write classification and aggregation using host memory buffer (HMB)
US10762069B2 (en) * 2015-09-30 2020-09-01 Pure Storage, Inc. Mechanism for a system where data and metadata are located closely together
US10884920B2 (en) 2018-08-14 2021-01-05 Western Digital Technologies, Inc. Metadata-based operations for use with solid state devices
US11188680B2 (en) 2019-09-20 2021-11-30 International Business Machines Corporation Creating research study corpus
US11249664B2 (en) 2018-10-09 2022-02-15 Western Digital Technologies, Inc. File system metadata decoding for optimizing flash translation layer operations
US11321488B2 (en) 2019-09-20 2022-05-03 International Business Machines Corporation Policy driven data movement
US11328089B2 (en) 2019-09-20 2022-05-10 International Business Machines Corporation Built-in legal framework file management
US11327665B2 (en) 2019-09-20 2022-05-10 International Business Machines Corporation Managing data on volumes
US11340810B2 (en) 2018-10-09 2022-05-24 Western Digital Technologies, Inc. Optimizing data storage device operation by grouping logical block addresses and/or physical block addresses using hints
US11443056B2 (en) * 2019-09-20 2022-09-13 International Business Machines Corporation File access restrictions enforcement

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20020147706A1 (en) * 2001-04-05 2002-10-10 International Business Machines Corporation Method for attachment and recognition of external authorization policy on file system resources
US20050010620A1 (en) * 2003-05-30 2005-01-13 Veritas Software Corporation Multi-volume file support
US20050138162A1 (en) * 2001-05-10 2005-06-23 Brian Byrnes System and method for managing usage quotas

Patent Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20020147706A1 (en) * 2001-04-05 2002-10-10 International Business Machines Corporation Method for attachment and recognition of external authorization policy on file system resources
US20050138162A1 (en) * 2001-05-10 2005-06-23 Brian Byrnes System and method for managing usage quotas
US20050010620A1 (en) * 2003-05-30 2005-01-13 Veritas Software Corporation Multi-volume file support

Non-Patent Citations (3)

* Cited by examiner, † Cited by third party
Title
Jean-Michel Busca, Pastis: a Highly-Scalable Multi-User Peer-to-Peer File System, 2004, pp. 4-7. *
Scalability in the XFS File System, Adam Sweeney, 1996, pp. 1-19. *
U.S. Appl. No. 11/213,386, filed Aug. 24, 2005, Jonathan Scott Goldick, Performance Policies for a Filing System.

Cited By (53)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US8689288B2 (en) * 2007-04-16 2014-04-01 Samsung Electronics Co., Ltd. Apparatus and method for protecting system in virtualized environment
US20080256599A1 (en) * 2007-04-16 2008-10-16 Samsung Electronics Co., Ltd. Apparatus and method for protecting system in virtualized environment
US20100024030A1 (en) * 2008-07-23 2010-01-28 Microsoft Corporation Restartable transformation automaton
US20120131063A1 (en) * 2009-07-02 2012-05-24 Laberge Tim Method for reliable and efficient filesystem metadata conversion
US20170242872A1 (en) * 2009-07-02 2017-08-24 Quantum Corporation Method for reliable and efficient filesystem metadata conversion
US8577939B2 (en) * 2009-07-02 2013-11-05 Quantum Corporation Method for reliable and efficient filesystem metadata conversion
US20130339401A1 (en) * 2009-07-02 2013-12-19 Quantum Corporation Method for Reliable and Efficient Filesystem Metadata Conversion
US10496612B2 (en) * 2009-07-02 2019-12-03 Quantum Corporation Method for reliable and efficient filesystem metadata conversion
US9684677B2 (en) * 2009-07-02 2017-06-20 Quantum Corporation Method for reliable and efficient filesystem metadata conversion
US10467188B2 (en) * 2009-12-08 2019-11-05 Netapp, Inc. In-line policy management with multi-level object handle
US9213607B2 (en) 2010-09-30 2015-12-15 Axcient, Inc. Systems, methods, and media for synthesizing views of file system backups
US8954544B2 (en) 2010-09-30 2015-02-10 Axcient, Inc. Cloud-based virtual machines and offices
US9104621B1 (en) 2010-09-30 2015-08-11 Axcient, Inc. Systems and methods for restoring a file
US8924360B1 (en) 2010-09-30 2014-12-30 Axcient, Inc. Systems and methods for restoring a file
US10284437B2 (en) 2010-09-30 2019-05-07 Efolder, Inc. Cloud-based virtual machines and offices
US8886611B2 (en) 2010-09-30 2014-11-11 Axcient, Inc. Systems and methods for restoring a file
US9559903B2 (en) 2010-09-30 2017-01-31 Axcient, Inc. Cloud-based virtual machines and offices
US9235474B1 (en) * 2011-02-17 2016-01-12 Axcient, Inc. Systems and methods for maintaining a virtual failover volume of a target computing system
US9178767B2 (en) 2011-12-09 2015-11-03 Telefonaktiebolaget L M Ericsson (Publ) Intelligent traffic quota management in split-architecture networks
US8948191B2 (en) * 2011-12-09 2015-02-03 Telefonaktiebolaget L M Ericsson (Publ) Intelligent traffic quota management
US20130148668A1 (en) * 2011-12-09 2013-06-13 Brian Kean Intelligent traffic quota management
US9785647B1 (en) 2012-10-02 2017-10-10 Axcient, Inc. File system virtualization
US9852140B1 (en) 2012-11-07 2017-12-26 Axcient, Inc. Efficient file replication
US11169714B1 (en) 2012-11-07 2021-11-09 Efolder, Inc. Efficient file replication
US9189409B2 (en) * 2013-02-19 2015-11-17 Avago Technologies General Ip (Singapore) Pte. Ltd. Reducing writes to solid state drive cache memories of storage controllers
US20140237163A1 (en) * 2013-02-19 2014-08-21 Lsi Corporation Reducing writes to solid state drive cache memories of storage controllers
US9397907B1 (en) 2013-03-07 2016-07-19 Axcient, Inc. Protection status determinations for computing devices
US9998344B2 (en) 2013-03-07 2018-06-12 Efolder, Inc. Protection status determinations for computing devices
US9292153B1 (en) 2013-03-07 2016-03-22 Axcient, Inc. Systems and methods for providing efficient and focused visualization of data
US10003646B1 (en) 2013-03-07 2018-06-19 Efolder, Inc. Protection status determinations for computing devices
US9705730B1 (en) 2013-05-07 2017-07-11 Axcient, Inc. Cloud storage using Merkle trees
US10599533B2 (en) 2013-05-07 2020-03-24 Efolder, Inc. Cloud storage using merkle trees
US10037341B1 (en) * 2014-03-31 2018-07-31 EMC IP Holding Company LLC Nesting tree quotas within a filesystem
US9563382B2 (en) 2014-06-05 2017-02-07 Sandisk Technologies Llc Methods, systems, and computer readable media for providing flexible host memory buffer
US10007442B2 (en) 2014-08-20 2018-06-26 Sandisk Technologies Llc Methods, systems, and computer readable media for automatically deriving hints from accesses to a storage device and from file system metadata and for optimizing utilization of the storage device based on the hints
US10228854B2 (en) * 2014-08-20 2019-03-12 Sandisk Technologies Llc Storage devices and methods for optimizing use of storage devices based on storage device parsing of file system metadata in host write operations
US20160054931A1 (en) * 2014-08-20 2016-02-25 Sandisk Technologies Inc. Storage devices and methods for optimizing use of storage devices based on storage device parsing of file system metadata in host write operations
US10268584B2 (en) 2014-08-20 2019-04-23 Sandisk Technologies Llc Adaptive host memory buffer (HMB) caching using unassisted hinting
US20200379965A1 (en) * 2015-09-30 2020-12-03 Pure Storage, Inc. Mechanism for a system where data and metadata are located closely together
US11567917B2 (en) * 2015-09-30 2023-01-31 Pure Storage, Inc. Writing data and metadata into storage
US10762069B2 (en) * 2015-09-30 2020-09-01 Pure Storage, Inc. Mechanism for a system where data and metadata are located closely together
US10242025B2 (en) * 2015-10-27 2019-03-26 Netapp, Inc. Efficient differential techniques for metafiles
US10140304B1 (en) * 2015-12-10 2018-11-27 EMC IP Holding Company LLC Distributed metadata servers in a file system with separate metadata servers for file metadata and directory metadata
US9927997B2 (en) 2015-12-21 2018-03-27 Sandisk Technologies Llc Methods, systems, and computer readable media for automatically and selectively enabling burst mode operation in a storage device
US10521118B2 (en) 2016-07-13 2019-12-31 Sandisk Technologies Llc Methods, systems, and computer readable media for write classification and aggregation using host memory buffer (HMB)
US10884920B2 (en) 2018-08-14 2021-01-05 Western Digital Technologies, Inc. Metadata-based operations for use with solid state devices
US11249664B2 (en) 2018-10-09 2022-02-15 Western Digital Technologies, Inc. File system metadata decoding for optimizing flash translation layer operations
US11340810B2 (en) 2018-10-09 2022-05-24 Western Digital Technologies, Inc. Optimizing data storage device operation by grouping logical block addresses and/or physical block addresses using hints
US11188680B2 (en) 2019-09-20 2021-11-30 International Business Machines Corporation Creating research study corpus
US11321488B2 (en) 2019-09-20 2022-05-03 International Business Machines Corporation Policy driven data movement
US11328089B2 (en) 2019-09-20 2022-05-10 International Business Machines Corporation Built-in legal framework file management
US11327665B2 (en) 2019-09-20 2022-05-10 International Business Machines Corporation Managing data on volumes
US11443056B2 (en) * 2019-09-20 2022-09-13 International Business Machines Corporation File access restrictions enforcement

Similar Documents

Publication Publication Date Title
US7743038B1 (en) Inode based policy identifiers in a filing system
US11153380B2 (en) Continuous backup of data in a distributed data store
US11895188B2 (en) Distributed storage system with web services client interface
US10652076B2 (en) Dynamic application instance discovery and state management within a distributed system
US10210167B1 (en) Multi-level page caching for distributed object store
US7937453B1 (en) Scalable global namespace through referral redirection at the mapping layer
JP6199394B2 (en) Software-defined network attachable storage system and method
US8316066B1 (en) Shadow directory structure in a distributed segmented file system
US7827146B1 (en) Storage system
US8996490B1 (en) Managing logical views of directories
US7487228B1 (en) Metadata structures and related locking techniques to improve performance and scalability in a cluster file system
US8938425B1 (en) Managing logical views of storage
WO2002050714A2 (en) A data storage system including a file system for managing multiple volumes
US10909143B1 (en) Shared pages for database copies
US7882086B1 (en) Method and system for portset data management
US9934140B1 (en) Allocating blocks in storage systems
US11847095B1 (en) Managing truncation of files of file systems

Legal Events

Date Code Title Description
AS Assignment

Owner name: ONSTOR, INC.,CALIFORNIA

Free format text: ASSIGNMENT OF ASSIGNORS INTEREST;ASSIGNOR:GOLDICK, JONATHAN SCOTT;REEL/FRAME:016928/0821

Effective date: 20050811

AS Assignment

Owner name: SILICON VALLEY BANK,CALIFORNIA

Free format text: SECURITY AGREEMENT;ASSIGNOR:ONSTOR, INC.;REEL/FRAME:017600/0514

Effective date: 20060508

AS Assignment

Owner name: CARR & FERRELL LLP,CALIFORNIA

Free format text: LIEN;ASSIGNOR:ONSTOR, INC.;REEL/FRAME:022019/0349

Effective date: 20081219

AS Assignment

Owner name: ONSTOR, INC,CALIFORNIA

Free format text: RELEASE OF SECURITY AGREEMENT (DE);ASSIGNOR:CARR & FERRELL LLP;REEL/FRAME:022131/0541

Effective date: 20090114

AS Assignment

Owner name: ONSTAR, INC.,CALIFORNIA

Free format text: MERGER;ASSIGNOR:NAS ACQUISITION CORPORATION;REEL/FRAME:023155/0009

Effective date: 20090727

FEPP Fee payment procedure

Free format text: PAYOR NUMBER ASSIGNED (ORIGINAL EVENT CODE: ASPN); ENTITY STATUS OF PATENT OWNER: LARGE ENTITY

AS Assignment

Owner name: ONSTOR, INC,COLORADO

Free format text: RELEASE;ASSIGNOR:SILICON VALLEY BANK;REEL/FRAME:023727/0937

Effective date: 20091217

AS Assignment

Owner name: ONSTOR, INC.,CALIFORNIA

Free format text: MERGER;ASSIGNOR:NAS ACQUISITION CORPORATION;REEL/FRAME:023954/0365

Effective date: 20090727

AS Assignment

Owner name: LSI CORPORATION,CALIFORNIA

Free format text: ASSIGNMENT OF ASSIGNORS INTEREST;ASSIGNOR:ONSTOR, INC.;REEL/FRAME:023985/0518

Effective date: 20100204

FPAY Fee payment

Year of fee payment: 4

AS Assignment

Owner name: DEUTSCHE BANK AG NEW YORK BRANCH, AS COLLATERAL AG

Free format text: PATENT SECURITY AGREEMENT;ASSIGNORS:LSI CORPORATION;AGERE SYSTEMS LLC;REEL/FRAME:032856/0031

Effective date: 20140506

AS Assignment

Owner name: AVAGO TECHNOLOGIES GENERAL IP (SINGAPORE) PTE. LTD

Free format text: ASSIGNMENT OF ASSIGNORS INTEREST;ASSIGNOR:LSI CORPORATION;REEL/FRAME:035390/0388

Effective date: 20140814

AS Assignment

Owner name: AGERE SYSTEMS LLC, PENNSYLVANIA

Free format text: TERMINATION AND RELEASE OF SECURITY INTEREST IN PATENT RIGHTS (RELEASES RF 032856-0031);ASSIGNOR:DEUTSCHE BANK AG NEW YORK BRANCH, AS COLLATERAL AGENT;REEL/FRAME:037684/0039

Effective date: 20160201

Owner name: LSI CORPORATION, CALIFORNIA

Free format text: TERMINATION AND RELEASE OF SECURITY INTEREST IN PATENT RIGHTS (RELEASES RF 032856-0031);ASSIGNOR:DEUTSCHE BANK AG NEW YORK BRANCH, AS COLLATERAL AGENT;REEL/FRAME:037684/0039

Effective date: 20160201

AS Assignment

Owner name: BANK OF AMERICA, N.A., AS COLLATERAL AGENT, NORTH CAROLINA

Free format text: PATENT SECURITY AGREEMENT;ASSIGNOR:AVAGO TECHNOLOGIES GENERAL IP (SINGAPORE) PTE. LTD.;REEL/FRAME:037808/0001

Effective date: 20160201

Owner name: BANK OF AMERICA, N.A., AS COLLATERAL AGENT, NORTH

Free format text: PATENT SECURITY AGREEMENT;ASSIGNOR:AVAGO TECHNOLOGIES GENERAL IP (SINGAPORE) PTE. LTD.;REEL/FRAME:037808/0001

Effective date: 20160201

AS Assignment

Owner name: AVAGO TECHNOLOGIES GENERAL IP (SINGAPORE) PTE. LTD., SINGAPORE

Free format text: TERMINATION AND RELEASE OF SECURITY INTEREST IN PATENTS;ASSIGNOR:BANK OF AMERICA, N.A., AS COLLATERAL AGENT;REEL/FRAME:041710/0001

Effective date: 20170119

Owner name: AVAGO TECHNOLOGIES GENERAL IP (SINGAPORE) PTE. LTD

Free format text: TERMINATION AND RELEASE OF SECURITY INTEREST IN PATENTS;ASSIGNOR:BANK OF AMERICA, N.A., AS COLLATERAL AGENT;REEL/FRAME:041710/0001

Effective date: 20170119

FEPP Fee payment procedure

Free format text: MAINTENANCE FEE REMINDER MAILED (ORIGINAL EVENT CODE: REM.)

LAPS Lapse for failure to pay maintenance fees

Free format text: PATENT EXPIRED FOR FAILURE TO PAY MAINTENANCE FEES (ORIGINAL EVENT CODE: EXP.)

STCH Information on status: patent discontinuation

Free format text: PATENT EXPIRED DUE TO NONPAYMENT OF MAINTENANCE FEES UNDER 37 CFR 1.362

FP Lapsed due to failure to pay maintenance fee

Effective date: 20180622